if (dgbl == NULL)
return NULL;
+#ifndef FIPS_MODE
+ /*
+ * We need to ensure that base libcrypto thread handling has been
+ * initialised.
+ */
+ OPENSSL_init_crypto(0, NULL);
+#endif
+
if (!CRYPTO_THREAD_init_local(&dgbl->private_drbg, NULL))
goto err1;
/*
* NIST SP800-90Ar1 section 9.1 says you can combine getting the entropy
* and nonce in 1 call by increasing the entropy with 50% and increasing
- * the minimum length to accomadate the length of the nonce.
+ * the minimum length to accommodate the length of the nonce.
* We do this in case a nonce is require and get_nonce is NULL.
*/
if (drbg->min_noncelen > 0 && drbg->get_nonce == NULL) {
return NULL;
}
-void drbg_delete_thread_state(void)
+static void drbg_delete_thread_state(void *arg)
{
- /* TODO(3.0): Other PRs will pass the ctx as a param to this function */
- OPENSSL_CTX *ctx = NULL;
+ OPENSSL_CTX *ctx = arg;
DRBG_GLOBAL *dgbl = drbg_get_global(ctx);
RAND_DRBG *drbg;
drbg = CRYPTO_THREAD_get_local(&dgbl->public_drbg);
if (drbg == NULL) {
- if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_RAND))
+ ctx = openssl_ctx_get_concrete(ctx);
+ if (!ossl_init_thread_start(NULL, ctx, drbg_delete_thread_state))
return NULL;
drbg = drbg_setup(ctx, dgbl->master_drbg, RAND_DRBG_TYPE_PUBLIC);
CRYPTO_THREAD_set_local(&dgbl->public_drbg, drbg);
drbg = CRYPTO_THREAD_get_local(&dgbl->private_drbg);
if (drbg == NULL) {
- if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_RAND))
+ ctx = openssl_ctx_get_concrete(ctx);
+ if (!ossl_init_thread_start(NULL, ctx, drbg_delete_thread_state))
return NULL;
drbg = drbg_setup(ctx, dgbl->master_drbg, RAND_DRBG_TYPE_PRIVATE);
CRYPTO_THREAD_set_local(&dgbl->private_drbg, drbg);